Page MenuHomeFreeBSD
Differential D39282

ifconfig: Improve VLAN Identifier number parsing
ClosedPublic
Actions

Authored by zlei on Mar 27 2023, 9:17 AM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Jun 5, 6:05 PM
Unknown Object (File)
May 10 2024, 4:17 AM
Unknown Object (File)
May 5 2024, 10:11 PM
Unknown Object (File)
Apr 27 2024, 3:52 AM
Unknown Object (File)
Apr 27 2024, 3:52 AM
Unknown Object (File)
Apr 27 2024, 3:51 AM
Unknown Object (File)
Apr 27 2024, 3:51 AM
Unknown Object (File)
Apr 27 2024, 2:35 AM
View All 29 Files
Subscribers
imp

Details

Reviewers
melifaro
Group Reviewers
network
Commits
rGba169bddbc9d: ifconfig: Improve VLAN identifier parsing
rG28b498e65ab4: ifconfig: Improve VLAN identifier parsing
Summary

VLAN Identifier number 0xFFF is reserved.

Also validate during parsing to prevent potential integer overflow.

Fixes: c7cffd65c5d85 Add support for stacked VLANs (IEEE 802.1ad, AKA Q-in-Q)
MFC after: 1 week

Test Plan
root@:~ # ifconfig em0.4095 create
ifconfig: invalid vlan tag
# ifconfig epair create name e
e
# ifconfig e.4294967297 create
ifconfig: invalid vlan tag

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

zlei created this revision.Mar 27 2023, 9:17 AM
Herald added a subscriber: imp. · View Herald TranscriptMar 27 2023, 9:17 AM
zlei requested review of this revision.Mar 27 2023, 9:17 AM
zlei retitled this revision from ifconfig: Improve VLAN Identifier parsing to ifconfig: Improve VLAN Identifier number parsing.Mar 27 2023, 9:22 AM
melifaro added a comment.Mar 27 2023, 9:41 AM

Conceptually LGTM, please see an implementation comment inline.

sbin/ifconfig/ifvlan.c
133–143

I'd suggest splitting parsing and validation to improve readability.
For example, get the vid using strtol() and then check the range explicitly.

zlei added inline comments.Mar 27 2023, 10:06 AM
sbin/ifconfig/ifvlan.c
133–143

I'd suggest splitting parsing and validation to improve readability

Reasonable

guest-patmaddox added a subscriber: guest-patmaddox.Mar 27 2023, 10:16 AM
zlei added inline comments.Mar 27 2023, 1:23 PM
sbin/ifconfig/ifvlan.c
133–143

Well, vid is possible to overflow (without fix).

# ifconfig epair create name e
e
# ifconfig e.4294967297 create
root@:~ # ifconfig e.4294967297
e.4294967297: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	ether 02:2c:90:bf:36:0a
	groups: vlan
	vlan: 1 vlanproto: 802.1q vlanpcp: 0 parent interface: e
	media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
	status: active
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

So we either need strtol() or validating while parsing

zlei edited the test plan for this revision. (Show Details)Mar 27 2023, 1:24 PM
zlei added inline comments.Mar 27 2023, 1:59 PM
sbin/ifconfig/ifvlan.c
133–143

Just verified that strtol() does not detect overflow, and it ignores leading zeros. strtoimax() is sufficent but it also ignores leading zeros.

Using strtoxx functions need extra effort.

So I think current version is good enought.

@melifaro What do you think ?

zlei edited the summary of this revision. (Show Details)Mar 27 2023, 2:01 PM
zlei edited the summary of this revision. (Show Details)
melifaro requested changes to this revision.Mar 27 2023, 2:10 PM
melifaro added inline comments.
sbin/ifconfig/ifvlan.c
133–143

Thank you for evaluating the options!

I think that the implementation should be easily readable.
IMO, the intent here is that we should provide a good human-readable error for the innocent mistakes.
The kernel will still reject the invalid output.
I'd still suggest doing some sort of str-to-int conversion (even it doesn't detect overflow) and check the result afterwards.

This revision now requires changes to proceed.Mar 27 2023, 2:10 PM
zlei added inline comments.Mar 31 2023, 7:44 AM
sbin/ifconfig/ifvlan.c
139

@melifaro This is much simpler, do you support me?

melifaro added inline comments.Mar 31 2023, 8:33 AM
sbin/ifconfig/ifvlan.c
136–143

I was thinking of something like above. I don't have really hard opinion here, so if you believe your version is more readable - go with it.

melifaro accepted this revision.Mar 31 2023, 8:33 AM
This revision is now accepted and ready to land.Mar 31 2023, 8:33 AM
zlei added inline comments.Mar 31 2023, 4:21 PM
sbin/ifconfig/ifvlan.c
136–143

I don't have really hard opinion here, so if you believe your version is more readable - go with it.

Do you mean the current patch, or the latter

if (*cp != '\0' || vid == 0xFFF || (vid & ~0xFFF))

?

zlei updated this revision to Diff 119780.Apr 2 2023, 5:35 PM

Use unsigned int for vid.

Inspired by @melifaro 's comment:

// unsigned int vid;

char *invalid_char = NULL;
This revision now requires review to proceed.Apr 2 2023, 5:35 PM
melifaro accepted this revision.Apr 2 2023, 5:39 PM
This revision is now accepted and ready to land.Apr 2 2023, 5:39 PM
Closed by commit rG28b498e65ab4: ifconfig: Improve VLAN identifier parsing (authored by zlei). · Explain WhyApr 2 2023, 6:19 PM
This revision was automatically updated to reflect the committed changes.
zlei added a commit: rG28b498e65ab4: ifconfig: Improve VLAN identifier parsing.
zlei mentioned this in D39396: ifconfig: Use the interface name we get back when configuring if_bridge with additional operating parameters.Apr 4 2023, 1:09 AM
zlei added a commit: rGba169bddbc9d: ifconfig: Improve VLAN identifier parsing.Apr 10 2023, 4:17 AM
guest-patmaddox removed a subscriber: guest-patmaddox.Jul 29 2023, 5:38 AM

Revision Contents
Changeset List

PathSize
sbin/
ifconfig/
9 lines

Diff 119782

View Options

sbin/ifconfig/ifvlan.c

Loading...